Vulnerabilities > CVE-2017-15094 - Missing Release of Resource after Effective Lifetime vulnerability in Powerdns Recursor
Attack vector
NETWORK Attack complexity
MEDIUM Privileges required
NONE Confidentiality impact
NONE Integrity impact
NONE Availability impact
PARTIAL Summary
An issue has been found in the DNSSEC parsing code of PowerDNS Recursor from 4.0.0 up to and including 4.0.6 leading to a memory leak when parsing specially crafted DNSSEC ECDSA keys. These keys are only parsed when validation is enabled by setting dnssec to a value other than off or process-no-validate (default).
Vulnerable Configurations
| Part | Description | Count |
|---|---|---|
| Application | 8 |
Common Weakness Enumeration (CWE)
Common Attack Pattern Enumeration and Classification (CAPEC)
- HTTP DoS An attacker performs flooding at the HTTP level to bring down only a particular web application rather than anything listening on a TCP/IP connection. This denial of service attack requires substantially fewer packets to be sent which makes DoS harder to detect. This is an equivalent of SYN flood in HTTP. The idea is to keep the HTTP session alive indefinitely and then repeat that hundreds of times. This attack targets resource depletion weaknesses in web server software. The web server will wait to attacker's responses on the initiated HTTP sessions while the connection threads are being exhausted.
Nessus
NASL family Fedora Local Security Checks NASL id FEDORA_2017-608B6F5945.NASL description Update to latest version. Contains security fixes for CVE-2017-15090, CVE-2017-15092, CVE-2017-15093 and CVE-2017-15094 Note that Tenable Network Security has extracted the preceding description block directly from the Fedora update system website. Tenable has attempted to automatically clean and format it as much as possible without introducing additional issues. last seen 2020-06-05 modified 2018-01-15 plugin id 105888 published 2018-01-15 reporter This script is Copyright (C) 2018-2020 and is owned by Tenable, Inc. or an Affiliate thereof. source https://www.tenable.com/plugins/nessus/105888 title Fedora 27 : pdns-recursor (2017-608b6f5945) NASL family SuSE Local Security Checks NASL id OPENSUSE-2017-1339.NASL description This update for pdns-recursor fixes the following issues : Security issues fixed : - CVE-2017-15090: An issue has been found in the DNSSEC validation component of PowerDNS Recursor, where the signatures might have been accepted as valid even if the signed data was not in bailiwick of the DNSKEY used to sign it. This allows an attacker in position of man-in-the-middle to alter the content of records by issuing a valid signature for the crafted records (boo#1069242). - CVE-2017-15092: An issue has been found in the web interface of PowerDNS Recursor, where the qname of DNS queries was displayed without any escaping, allowing a remote attacker to inject HTML and JavaScript code into the web interface, altering the content (boo#1069242). - CVE-2017-15093: When `api-config-dir` is set to a non-empty value, which is not the case by default, the API allows an authorized user to update the Recursor last seen 2020-06-05 modified 2017-12-14 plugin id 105229 published 2017-12-14 reporter This script is Copyright (C) 2017-2020 Tenable Network Security, Inc. source https://www.tenable.com/plugins/nessus/105229 title openSUSE Security Update : pdns-recursor (openSUSE-2017-1339) NASL family Fedora Local Security Checks NASL id FEDORA_2017-1585789772.NASL description Update to latest version. Contains security fixes for CVE-2017-15090, CVE-2017-15092, CVE-2017-15093 and CVE-2017-15094 Note that Tenable Network Security has extracted the preceding description block directly from the Fedora update system website. Tenable has attempted to automatically clean and format it as much as possible without introducing additional issues. last seen 2020-06-05 modified 2017-12-13 plugin id 105198 published 2017-12-13 reporter This script is Copyright (C) 2017-2020 and is owned by Tenable, Inc. or an Affiliate thereof. source https://www.tenable.com/plugins/nessus/105198 title Fedora 26 : pdns-recursor (2017-1585789772) NASL family DNS NASL id POWERDNS_RECURSOR_4_0_7.NASL description According to its self-reported version number, the version of the PowerDNS Recursor listening on the remote host is version 4.0.x prior to 4.0.7. It is, therefore, affected by multiple vulnerabilities: - Insufficient validation of DNSSEC signatures. (CVE-2017-15090) - Cross-Site Scripting (XSS) in the web interface. (CVE-2017-15092) - Memory leak in DNSSEC parsing. (CVE-2017-15094) Note that Nessus has not attempted to exploit these issues but has instead relied only on the application last seen 2020-06-01 modified 2020-06-02 plugin id 106193 published 2018-01-19 reporter This script is Copyright (C) 2018-2019 and is owned by Tenable, Inc. or an Affiliate thereof. source https://www.tenable.com/plugins/nessus/106193 title PowerDNS Recursor 4.0.x < 4.0.7 Multiple Vulnerabilities NASL family Fedora Local Security Checks NASL id FEDORA_2017-81FE39AD9F.NASL description Update to latest version. Contains security fixes for CVE-2017-15090, CVE-2017-15092, CVE-2017-15093 and CVE-2017-15094 Note that Tenable Network Security has extracted the preceding description block directly from the Fedora update system website. Tenable has attempted to automatically clean and format it as much as possible without introducing additional issues. last seen 2020-06-05 modified 2017-12-13 plugin id 105203 published 2017-12-13 reporter This script is Copyright (C) 2017-2020 and is owned by Tenable, Inc. or an Affiliate thereof. source https://www.tenable.com/plugins/nessus/105203 title Fedora 25 : pdns-recursor (2017-81fe39ad9f)